South and City College Birmingham Hit with Ransomware
Students were told to stay at home all week, while forensic specialists are conducting an investigation.
Following a major ransomware cyberattack that disabled its core IT systems, South and City College Birmingham has closed all its campuses to students for a week, James Cartledge writes. The eight sites of the institution will be shut and revert to online teaching from today while computer forensic specialists work to fix the issue.
The college, which is the result of a merger between South Birmingham College and City College Birmingham and has over 20,000 students, tweeted:
The latest info and advice for students following the ransomware attack on our IT system and subsequent campus closures: https://t.co/HFNceOL5Ey Thank you all for your patience while we work to reopen as soon as possible. #update #southandcitycollege pic.twitter.com/1UjpRJc6hr
— @southandcitycol (@southandcitycol) March 15, 2021
In September 2020, the National Cyber Security Centre warned that more and more ransomware attacks are targeting the UK education sector, including schools, colleges, and universities. NCSC also suggested following a guide that helps private and public sector organizations deal with the consequences of ransomware attacks.
Following this recent incident, the South and City College Birmingham stated:
Email communications are the first entry point into an
Heimdal™ Email Fraud Prevention
all your incoming and outgoing comunications.
- Deep content scanning for attachments and links;
- Phishing, spear phishing and man-in-the-email attacks;
- Advanced spam filters to protect against sophisticated attacks;
- Fraud prevention system against Business Email Compromise;
These incidents increased by 80% in only three months, and it is believed that the thousands of people working from home have played a key part in the escalation.
Last year, the University of Birmingham was among 20 UK-based universities and charities which were subject to cyberattacks. Students’ personal information was leaked online, including names, birth dates, home addresses, phone numbers and email addresses.
All organizations are required to take the necessary steps to prevent these attacks, including patching their systems, using anti-ransomware solutions and training employees about the risks of phishing emails.